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1 A Metadata.^ 

Gurmeet Singh, Shishir Bharathi, Ann Chervenak, Ewa Deelman, Carl Kesselman, Mary 
Manohar, Sonal Patil, Laura Pearlman 

November 2003 Proceedings of the 2003 ACM/IEEE conference on Supercomputing 

Full text available: l | | pdf{ 17.8.25 KB) Additional Information: full citation , abstract 

Advances in computational, storage and network technologies as well as middle ware such 
as the Globus Toolkit allow scientists to expand the sophistication and scope of data- 
intensive applications. These applications produce and analyze terabytes and petabytes of 
data that are distributed in millions of files or objects. To manage these large data sets 
efficiently, metadata or descriptive information about the data needs to be managed. There 
are various types of metadata, and it is likely that a ... 

2 FgrmMzinfllh^ 

Pieter H. Hartel, Luc Moreau 

December 2001 ACM Computing Surveys (CSUR), volume 33 issue 4 

Additional Information: full citation, abstract, references , citings, index 
terms 



Full text available: W pdfI442.8S KB) 



We review the existing literature on Java safety, emphasizing formal approaches, and the 
impact of Java safety on small footprint devices such as smartcards. The conclusion is that 
although a lot of good work has been done, a more concerted effort is needed to build a 
coherent set of machine-readable formal models of the whole of Java and its 
implementation. This is a formidable task but we believe it is essential to build trust in Java 
safety, and thence to achieve ITSEC level 6 or Common Crite ... 



Keywords: Common criteria, programming 



3 Protector 

Jerome H. Saltzer 

July 1974 Communications of the ACM, volume 17 issue 7 

Full text available- «| odf(1 75 MB) Additional Information: full citation , abstract, references , cite Mm 
k^"' terms 

The design of mechanisms to control the sharing of information in the Multics system is 
described. Five design principles help provide insight into the tradeoffs among different 
possible designs. The key mechanisms described include access control lists, hierarchical 
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control of access specifications, identification and authentication of users, and primary 
memory protection. The paper ends with a discussion of several known weaknesses in the 
current protection mechanism design. 

Keywords: Multics, access control, authentication, computer utilities, descriptors, privacy, 
proprietary programs, protected subsystems, protection, security, time-sharing systems, 
virtual memory 



4 InformMio^ 
development 
Richard Baskerville 

December 1993 ACM Computing Surveys (CSUR), volume 25 issue 4 

Additional Information: Ml citation, abstract references, citings, index 



Full text available: m pdf{3.44 MBj 

terms 

The security of information systems is a serious issue because computer abuse is 
increasing. It is important, therefore, that systems analysts and designers develop 
expertise in methods for specifying information systems security. The characteristics found 
in three generations of general information system design methods provide a framework for 
comparing and understanding current security design methods. These methods include 
approaches that use checklists of controls, divide functional req ... 

Keywords: checklists, control, integrity, risk analysis, safety, structured systems analysis 
and design, system modeling 



5 Verifying Security 

Maureen Harris Cheheyl, Morrie Gasser, George A. Huff, Jonathan K. Millen 
September 1981 ACM Computing Surveys (CSUR), volume 13 issue 3 

Full text available: a ^pdfC4,6S„MBl Additional Information: Migration, re^ences, citincjs, index terms 



6 Autpmat]c.p.acs^ 
Frederick J. Damerau 

June 1970 Communications of the ACM, volume 13 issue 6 

Full text available: f)df(4.07 MB) Additional Information: full citation , abstract, references , citings 

Although automatic syntactic and semantic analysis is not yet possible for all of an 
unrestricted natural language text, some applications, of which content analysis is one, do 
not have such a stringent coverage requirement. Preliminary studies show that the Harvard 
Syntactic Analyzer can produce correct and unambiguous identification of the subject and 
object of certain verbs for approximately half of the relevant occurences. This provides a 
degree of coverage for content analysis variable ... 

Keywords: content analysis, information retrieval, language analysis, natural language 
processing, parsing, syntactic analysis, text processing 
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System development methodology using LOGOS 
David B. Allen, Mark R. Dempsey, Leslie H. Goldsmith 

January 1987 ACM SIGAPL APL Quote Quad , Proceedings of the international 

conference on APL: APL in transition, volume 17 issue 4 
Full text available: MB) Additional Information: full citation, abstract, references, index terms 
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The development of applications written in APL has traditionally both benefited by and 
suffered from the freedom offered by the environment. A consequence of this freedom is 
that few applications are designed from the perspectives of consistency, modularity, and 
structure. This paper describes how LOGOS, a programming environment for APL, helps 
improve the development and maintenance of APL applications. Through the use of basic 
support facilities and integrated tools, LOGOS encourages a mo ... 

8 {{D)Fonria!jsm 

John Beidler, Robert McCloskey, Yaodong Bi 

May 2003 Journal of Computing Sciences in Colleges, volume 18 issue 5 

Full text available: B jj|l] pdf(135.37 KB) Additional Information: full citation, abstract, references , index terms 

This paper describes a "gentle" approach we are taking in our Data Structures and 
Algorithms course to introduce the use of formal notation as an aid in the specification and 
implementation of abstract data types. So that it can be included as comments within 
source code (and be processed by the javadoc utility), we chose a notation that relies upon 
only ASCII symbols, plus the ability to italicize, boldface, and form subscripts, superscripts, 
and horizontal lines. 

9 AuthenUcMo 

Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber 

November 1992 ACM Transactions on Computer Systems (TOCS), volume 10 issue 4 

Additional Information: full citation, abstract , references, citings , index 



Full text available: mpdf(3..37..MBl 

^ terms, review 

We describe a theory of authentication and a system that implements it. Our theory is 
based on the notion of principal and a "speaks for" relation between principals. A simple 
principal either has a name or is a communication channel; a compound principal can 
express an adopted role or delegated authority. The theory shows how to reason about a 
principal's authority by deducing the other principals that it can speak for; authenticating a 
channel is one important application. We ... 

Keywords: certification authority, delegation, group, interprocess communication, key 
distribution, loading programs, path name, principal, role, secure channel, speaks for, 
trusted computing base 



10 A study of input device manipulation difficulties 
Shari Trewin 

April 1996 Proceedings of the second annual ACM conference on Assistive technologies 

Full text available: W.pdfi945 t 60„KB) Additional Information: fulLcltaiion, references, citings, indexjejms 



Keywords: errors, input devices, input logging, keyboard, mouse, physical disability 



11 Integrated object-oriented testing and development processes 
John D. McGregor, Timothy D. Korson 

September 1994 Communications of the ACM, volume 37 issue 9 

Full text available: ^pdfQ979.M3) Additional Information: MLcitatjon, ieMMC.es, citings, .index terms, review 



12 Termination in language-based systems 
Algis Rudys, Dan S. Wallach 
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May 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 

Issue 2 

Full text available- fipdf/355 43 KB) Additional lnformation: Mixtion, abstrM, references, citing index 
^ terms 

Language run-time systems are increasingly being embedded in systems to support run- 
time extensibility via mobile code. Such systems raise a number of concerns when the code 
running in such systems is potentially buggy or untrusted. Although sophisticated access . 
controls have been designed for mobile code and are shipping as part of commercial 
systems such as Java, there is no support for terminating mobile code short of terminating 
the entire language run-time. This article presents a c ... 

Keywords: Applets, Internet, Java, resource control, soft termination, termination 



1 3 Compos lng„securjty 

Lujo Bauer, Jay Ligatti, David Walker 

June 2005 ACM SIGPLAN Notices , Proceedings of the 2005 ACM SIGPLAN conference 
on Programming language design and implementation PLDI '05, volume 40 

Issue 6 

Full text available: ^ jpdf(l55,16 KB) Additional Information: full citation, abstract, references, index terms 

We introduce a language and system that supports definition and composition of complex 
run-time security policies for Java applications. Our policies are comprised of two sorts of 
methods. The first is query methods that are called whenever an untrusted application tries 
to execute a security-sensitive action. A query method returns a suggestion indicating how 
the security-sensitive action should be handled. The second sort of methods are those that 
perform state updates as the pol ... 

Keywords: composable security policies, edit automata, program monitors, run-time 
enforcement, security automata 



14 invited papers on the frontiers of software practice: Component technology: what, 
where, and how? 

Clemens Szyperski 

May 2003 Proceedings of the 25th International Conference on Software Engineering 

Full text available: ^.pdjatfiB J 5 KB) 

Mi Additional Information: full citation, abstract, references, index terms 

^.Put?Mher Site 

Software components, if used properly, offer many software engineering benefits. Yet, they 
also pose many original challenges starting from quality assurance and ranging to 
architectural embedding and composability. In addition, the recent movement towards 
services, as well as the established world of objects, causes many to wonder what purpose 
components might have.This extended abstract summarizes the main points of my Frontiers 
of Software Practice (FOSP) talk at ICSE 2003. The topics covered ... 

15 Authentication in distributed systems: theory and practice 
Butler Lampson, Martin Abadi, Michael Burrows, Edward Wobber 

September 1991 ACM SIGOPS Operating Systems Review , Proceedings of the 

thirteenth ACM symposium on Operating systems principles, volume 25 

Issue 5 

Full text available- H pdfi2 33 MB* Additional Information: full citation, abstract , references, citing s , index 
' ™" " terms 

We describe a theory of authentication and a system that implements it. Our theory is 
based on the notion of principal and a "speaks for" relation between principals. A simple 
principal either has a name or is a communication channel; a compound principal can 
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express an adopted role or delegation of authority. The theory explains how to reason 
about a principal's authority by deducing the other principals that it can speak for; 
authenticating a channel is one important application. We use the th ... 

16 The Felix File Server H 
M. Fridrich, W. Older 

December 1981 Proceedings of the eighth ACM symposium on Operating systems 
principles 

Additional Information: full citation, abstract, references , citings, index 



Full text available: *P pdf(6Q0.39 KB? 

This paper describes Felix - a File Server for an experimental distributed multicomputer 
system. Felix is designed to support a variety of file systems, virtual memory, and database 
applications with access being provided by a local area network. Its interface combines 
block oriented data access with a high degree of crash resistance and a comprehensive set 
of primitives for controlling data sharing and consistency. An extended set of access modes 
allows increased concurrency over conventio ... 

17 On.auto^ 

speech act theory and expressive felicity 
Steven 0. Kimbrough, Scott A. Moore 

October 1997 ACM Transactions on Information Systems (TOIS), volume is issue 4 

Full text available: f§ pdfl[502.20 KB). Additional Information: full.cMtQ.n, abstract references, citings, index 
' ^ terms 

Electronic messaging, whether in an office environment or for electronic commerce, is 
normally carried out in natural language, even when supported by information systems. For 
a variety of reasons, it would be useful if electronic messaging systems could have semantic 
access to, that is, access to the meanings and contents of, the messages they process. 
Given that natural language understanding is not a practicable alternative, there remain 
three approaches to delivering systems with semant ... 

Keywords: electronic commerce, formal language for business communication, speech act 
theory 



18 Industrial experience with design patterns 

Kent Beck, Ron Crocker, Gerard Meszaros, John Vlissides, James O. Coplien, Lutz Dominick, 
Frances Paulisch 

May 1996 Proceedings of the 18th international conference on Software engineering 

Full text available: pdfyi.3Q MB) I P Additional Information: full citation, abstract, referees, citings, index 
PyMsher.Site -terms 

A design pattern is a particular prose form of recording design information such that 
designs which have worked well in the past can be applied again in similar situations in the 
future. The availability of a collection of design patterns can help both the experienced and 
the novice designer recognize situations in which design reuse could or should occur. We 
have found that design patterns: 1) provide an effective "shorthand" for communicating 
complex concepts effectively between designers, 2) ... 

Keywords: best practices, design information recording, design patterns, design reuse, 
industrial experience, information sharing, software architecture documentation, software 
reusability, system documentation 
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Mark T. Maybury 

April 1989 Proceedings of the fourth conference on European chapter of the 
Association for Computational Linguistics 

Full text available: fg ) pdff 484.05 KB) 

g Additional Information: fulj.citation, abstract, references 

W P. Publisher Site 

This paper discusses the application of a previously reported theory of explanation rhetoric 
(Maybury, 1988b) to the task of explaining constraint violations in a hybrid rule/frame 
based system for resource allocation (Dawson et al, 1987). This research illustrates how 
discourse strategies of explanation, textual connectives, and additional justification 
knowledge can be applied to enhance the cohesiveness, structure, and clarity of knowledge 
based system explanations. 

Jacques Robin 

June 1996 Proceedings of the 34th annual meeting on Association for Computational 

Linguistics 

Full text available: p pdf(621.07 KB) 

J=T Additional Information: MLsMttQD.. abstract, references 

HI P Publisher Site 

This paper presents a quantitative evaluation of the portability to the stock market domain 
of the revision rule hierarchy used by the system STREAK to incrementally generate 
newswire sports summaries. The evaluation consists of searching a test corpus of stock 
market reports for sentence pairs whose (semantic and syntactic) structures respectively 
match the triggering condition and application result of each revision rule. The results show 
that at least 59% of all rule classes are fully portabl ... 
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